Actually, you can. Use FGAC (Fine-Grained Access Control) and you can put a Policy in place on a table that even the table owner can't bypass - even System can't bypass. Only Sys can bypass FGAC policies - and the owner of the security schema in which you place the Policy functions.
I've used FGAC and Application Context successfully to enforce complex security, but the more I think about it, you could really do some fiendish tricks with it - if you were the fiendish kind. ;-) Jack -------------------------------- Jack C. Applewhite Database Administrator/Developer OCP Oracle8 DBA iNetProfit, Inc. Austin, Texas www.iNetProfit.com [EMAIL PROTECTED] (512)327-9068 -----Original Message----- Baumgartel Sent: Tuesday, November 27, 2001 3:55 PM To: Multiple recipients of list ORACLE-L You can't revoke the ability to delete from the schema owner. You could revoke CREATE SESSION from the schema owner, but that doesn't solve the problem of DBA-privileged accounts being able to delete. I'm guessing that this is a perfect opportunity to use an "INSTEAD OF" trigger. --- Aldi Barco <[EMAIL PROTECTED]> wrote: > Hi Listers, > > How can we revoke 'delete privilege' from the schema owner of the > table and > also from DBA ? > If it is not possible, can we set through trigger ? > Thanks. > > Aldi > > _________________________________________________________________ > Get your FREE download of MSN Explorer at > http://explorer.msn.com/intl.asp > > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: Aldi Barco > INET: [EMAIL PROTECTED] > > Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 > San Diego, California -- Public Internet access / Mailing > Lists > -------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Paul Baumgartel INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Jack C. Applewhite INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
